This newsletter highlights all the feature articles published on Continuity Central during June 2021, as well as various resources.

NOTE: If you cannot read this newsletter properly visit www.continuitycentral.com/roundupjuly2021.html

FEATURE ARTICLES

The security risk of fragmented identities: dealing with the dangers of identity sprawl
Kamel Heus explores the concept of identity sprawl, the risks associated with it, and suggests five best practices which organizations can implement to help ensure a robust identity consolidation strategy.
Read the article
• World

What happened to UK data privacy compliance?
It might be Brexit ‘no more European rules’ complacency or the all-consuming COVID-19 survival strategies – even a mixture of both – but too many UK companies seem to have forgotten their carefully crafted data privacy strategies says Peter Newton. The risks have not gone away and an urgent reassessment is required…
Read the article
• UK

Still trying to manage business continuity or risk using spreadsheets? It’s time to move on…
Spreadsheets are a ubiquitous tool in the business world but they have limitations and if you are trying to manage critical business processes, including business continuity or risk programs, using them you are making life difficult for yourself. Andrew Dinning explains why…
Read the article
• World

Three best practices for mitigating digital third-party risks
As businesses continue to evolve in response to COVID-19, rapidly moving towards digital transformation, there’s a risk they’re exposing themselves to more third-party risk than is necessary. Aaron Dobie suggests three steps that can help mitigate some of these risks.
Read the article
• World

A question of integration: the importance of incorporating cyber security into operational resilience strategies
To achieve effective operational resilience firms must make a significant strategic shift, adopting an integrated approach to addressing operational resilience and cyber security, rather than seeing them as two disparate functions, says Guy Warren…
Read the article
• UK / World

How will ransomware attackers respond to the Colonial Pipeline ransom recovery?
The FBI has announced that it successfully seized criminal proceeds from a bitcoin wallet that DarkSide ransomware actors used to collect a cyber ransom payment from Colonial Pipeline. The question that the ransom recovery raises is how will ransomware attackers respond?
Read the article
• World

Flash drive shortage forces new thinking about enterprise storage: how to avoid critical issues
With flash media inventories depleted and the cost of drives increasing rapidly, enterprises have been forced to pivot to meet their need for capacity and performance. Experts at StorONE have offered advice for organizations to help ensure that the shortages don’t result in mission critical issues…
Read the article
• World

RESEARCH, REPORTS & PUBLICATIONS

Risk management survey shows that climate change is now a top concern for banks
For the first time since the survey’s inception over a decade ago, climate change tops the list of long-term risks for banks, according to the 11th EY and Institute of International Finance (IIF) bank risk management survey.
Read the article
• World

Impacts of supply chain resilience issues highlighted in Global Supply Chain Report
Amid a series of supply chain shocks to the global economy -- including COVID, SolarWinds, the Suez Canal debacle and more - a new international survey, the Interos Annual Global Supply Chain Report, reveals that global supply chain disruptions cost large companies, on average, $184 million a year.
Read the article
• World

Survey finds growing collaboration between cyber security and integrated risk management programs
NAVEX Global has released key findings from a survey of IT security professionals in the US and UK on collaboration between IT and risk management functions.
Read the article
• US / UK

The first major AI-driven global cyber attack will occur in the next 12 months: survey
Deep Instinct has launched its Voice of SecOps Report. This annual report highlights current and emerging threats, the impact these have on the day-to-day lives of SecOps professionals, and how automation will play a significant role moving forward.
Read the article
• World

Study explores security gaps linked to BYOD initiatives
Bitglass has released findings from its 2021 BYOD Security Report that show the risks associated with the rapid adoption of unmanaged personal devices connecting to work-related resources (BYOD).
Read the article
• World

Joint ABI and Flood Re report highlights UK flood risks and need for maintenance of defences
A joint report published by the Association of British Insurers (ABI) and Flood Re highlights the vital need to maintain the UK’s flood defences in good condition. Flooding is the greatest natural disaster risk in the UK and is rising with six of the ten wettest years on record occurring since 1998.
Read the article
• UK

Survey finds that many organizations are adopting SASE as a pandemic response but confusion exists on what it actually is…
Global research commissioned by Versa Networks examining the adoption of secure access service edge (SASE) by businesses during the lockdown has revealed that the adoption of SASE has soared during the pandemic.
Read the article
• Various

Link11 identifies new wave of DDoS extortion campaigns
The Link11 Security Operations Center (LSOC) has recently observed a sharp increase in ransom distributed denial of service (RDDoS or RDoS) attacks. Enterprises from a wide range of business sectors are receiving extortion e-mails from the sender Fancy Lazarus demanding 2 Bitcoins (approx. 66,000 euros).
Read the article
• World

Survey report provides a snapshot of the State of Risk Management
MetricStream has released the results of a new survey on the State of Risk Management. The survey found that while cyber security emerged as an even greater risk concern during the pandemic, organizations with agile integrated risk management solutions responded better to pandemic-driven challenges.
Read the article
• World

60 percent of organizations would consider paying in the event of a ransomware attack
Despite the Director of the FBI, the US Attorney General and the White House warning firms against paying cyber-related ransoms, 60 percent of organizations have admitted they would make a payment in the event of a successful ransomware attack according to new research from the Neustar International Security Council (NISC).
Read the article
• Various

20 percent of US and UK manufacturers were victims of a cyber attack in 12 month period
1-in-5 manufacturing companies in the US and UK have been victims of a cyber attack in the last 12 months, according to the 2021 Manufacturing Cybersecurity Threat Index released by Morphisec.
Read the article
• US / UK

Corporate and cloud infrastructures more at risk than ever from expanded attack surfaces: report
Zscaler, Inc., has published ‘Exposed’, a global report on the state of corporate attack surfaces. Based on data sourced between February 2020 and April 2021, the report provides a look at the impact of attack surface exposure during the COVID-19 pandemic.
Read the article
• World

Apathy towards system updates is putting UK organizations at risk
25 percent of UK employees have previously had a dispute with IT staff about the importance or frequency of updating their work devices. Surprisingly, UK IT teams tend to agree with such demands and let 75 percent of staff skip installing updates on certain software or the OS. This was revealed in a study commissioned by Kaspersky to explore workers’ attitudes and habits toward updates.
Read the article
• UK

Multi- and hybrid-cloud infrastructure drive security and management challenges
OpsCompass has announced the results of a report it conducted on cloud security and management challenges. The ‘2021 State of Cloud Security Posture Management Report’ is based on survey responses from 253 full-time, US-based, IT professionals who develop, and either deploy or manage enterprise cloud applications or infrastructure.
Read the article
• North America

Many security leaders believe that employees have picked up bad cyber security habits since working remotely
A new report from Tessian reveals that a majority of IT leaders (56 percent) believe that their employees have picked up bad cyber security behaviors / behaviours since working from home.
Read the article
• US / UK

CPNI issues guidance on protecting against Fire as a Weapon attacks
The UK Centre for the Protection of National Infrastructure has developed new guidance to assist organizations in planning for and protecting against terrorist attacks using Fire as a Weapon (FAW).
Read the article
• UK / World

DNS attacks on the rise finds 2021 Global DNS Threat Report
EfficientIP has announced the results of its 2021 Global DNS Threat Report. The annual research, which was conducted in collaboration with IDC, sheds light on the frequency of the different types of DNS attack and the associated costs for the last year throughout the COVID-19 pandemic.
Read the article
• World

Positive Technologies uncovers serious threats to industrial control systems worldwide
Positive Technologies experts have identified 10 vulnerabilities in the CODESYS automation software for industrial control systems. Some are of high and critical severity. CODESYS has fixed the vulnerabilities and released related security advisories.
Read the article
• World

Pandemic response: the Impact of COVID-19 on Workplace Collaboration Survey
AvePoint, Inc., has published the results of its ‘Impact of COVID-19 on Workplace Collaboration Survey’. The report, conducted in partnership with Exec Survey and iGov Survey, reveals how over 200 organizations in the UK managed business continuity when the pandemic hit, where they face security challenges today, and what policies and procedures they are prioritising in the next six months.
Read the article
• UK

SONAR 2021 identifies restarting of mothballed facilities as the largest short term emerging risk
The Swiss Re Institute has published its SONAR 2021 which provides a wide-ranging analysis of emerging risks. The report finds that COVID-19 shaped the top two emerging risks this year.
Read the article
• World

ISO releases guidelines for developing business continuity plans and procedures
ISO has published ‘ISO/TS 22332 Security and resilience - Business continuity management systems - Guidelines for developing business continuity plans and procedures’, a new technical specification to assist organizations with business continuity planning.
Read the article
• World

New study looks at ‘From Crisis to Opportunity: Redefining Risk Management’
A new study from the analytics organization, SAS, and Longitude looks at approaches to risk management and resilience in the banking sector around the world. The study, ‘From Crisis to Opportunity: Redefining Risk Management’, is based on a survey of 300 senior banking executives across 24 countries.
Read the article
• World

Responding to terrorist incidents: developing effective command and control
The UK Centre for the Protection of National Infrastructure (CPNI) in collaboration with the Home Office and National Counter Terrorism Security Office (NaCTSO) has published a new guidance document to assist critical infrastructure owners plan for terrorist incidents.
Read the article
• UK / World

Lack of data is holding back the financial sector back when it comes to climate risk management
The availability of data is the single greatest difficulty that firms expect to face over the next five years whilst making plans to address climate risk, according to a survey of leading financial institutions by Willis Towers Watson.
Read the article
• World

CALL FOR PAPERS

Written a relevant article or white paper? We'd like to consider it for publication on Continuity Central. Simply e-mail editor@continuitycentral.com

PRIVACY NOTICE

You can read our privacy information at https://www.continuitycentral.com/index.php/privacy-and-cookies

You have subscribed to this newsletter. To unsubscribe visit:
http://www.continuitycentral.com/index.php/unsubscribe or e-mail webmaster@continuitycentral.com

Continuity Central is a registered trademark